My problem is logspam. I have 2 Windows AD domains with Windows domain controllers. Domain A has some Ubuntu/Samba domain members. I have no issue using accounts in domain A to log into the servers, no problem accessing folders shared from the Ubuntu hosts using AD credentials. Domain B trusts Domain A (one way, intransitive).
ON DOMAIN B domain controllers, I am continually (between 2 and 8 times per minute) logging a event 4625 An account failed to log on: Account name: LinuxA$@DomainA.dom status 0xC000006D
(unknown username)
Why is Samba trying to go there and how can I make it stop?
Ubuntu 20.04 / Samba 4.11.6+dfsg-0ubuntu1.6
smb.conf:
[global]
disable netbios = Yes
domain master = No
idmap gid = 10000-20000
idmap uid = 10000-20000
local master = No
log file = /var/log/samba/log.%m
logging = file
map to guest = Bad User
max log size = 1000
obey pam restrictions = Yes
pam password change = Yes
panic action = /usr/share/samba/panic-action %d
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
passwd program = /usr/bin/passwd %u
realm = DOMAINA.DOM
restrict anonymous = 2
security = ADS
server role = standalone server
server string = %h server (Samba, Ubuntu)
template shell = /bin/bash
unix password sync = Yes
winbind enum groups = Yes
winbind enum users = Yes
winbind use default domain = Yes
workgroup = DOMAINA
idmap config * : range = 10000-20000
idmap config * : backend = tdb
Thank you for your consideration!
User contributions licensed under CC BY-SA 3.0